Linux as a Domain Controller in a Windows environment

[Bruce98]

Greetings, excellent Forums here!

For many years now we have been using Microsoft Server O/S's to power our Domain Controllers and frankly I have had it up to 'here' with their bloated offerings. Time to go Linux.

Clients are virtually all Windows XP and Windows-7.

Having said that, while researching the possible use of Linux as a Domain Controller the main hits that kept being returned were referencing the term 'Primary Domain Controller'. To me this is akin to the old NT 4.0 PDC (and often BDC's) which provided no Active Directory, Dynamic DNS, etc.

Is there a Linux equivalent to Server 2003 which incorporates the above features such as DDNS, etc? And given the different varieties of Linux (Debian, SuSE, etc) any recommendations as to what might fulfill this role best? Management is of the definite opinion that free is best...

Again, many thanks.

[Rubberman]

You might want to look at OpenLDAP: OpenLDAP, Main Page
FWIW, it supports the LDAP protocols that Active Directory is based upon (but "extends" with Microsoft proprietary extensions).

[khildin]

Hi Bruce,

This is perfectly possible using Samba and openldap. Since you use a lot of W7 clients, it might be feasable to use Samba4, but that is (still) not stable..
Myself I am heavily involved with the Zentyal project htt p://w ww.zentyal.org. This is a Linux Small Business server that provides Samba domain and LDAP out of the box without the need to go through a billion config files. At the moment I have the server in use at 4 different places, for myself and others (small company and a schools)

Let me hear if I can be of assistance.

Regards,
Rob

[Bruce98]

Thanks Rubberman, greatly appreciated. Given the various versions of Linux that are available, is there a particular brand (such as CentOS) that you would recommend?

[Bruce98]

Hi Bruce,

This is perfectly possible using Samba and openldap. Since you use a lot of W7 clients, it might be feasable to use Samba4, but that is (still) not stable..
Myself I am heavily involved with the Zentyal project htt p://w ww.zentyal.org. This is a Linux Small Business server that provides Samba domain and LDAP out of the box without the need to go through a billion config files. At the moment I have the server in use at 4 different places, for myself and others (small company and a schools)

Let me hear if I can be of assistance.

Regards,
Rob

Rob,

Thank you. Are you selling this package, and if so for how much? As far as Samba 4 goes, if I am understanding correctly this can not at this time emulate Windows Server 2003 AD, supporting DDNS, etc?

Best,

Bruce

[khildin]

Hi Bruce,

I wish I could sell the package, but since it is opensource, I can't
You can download the package at zentyal.org
The forums overthere provide a lot of knowhow and help.
I do support the zentyal packages. As it stands now zentyal can perfectly act inside a W2k3 AD environment as a slave server. As mentioned, as soon Samba4 is stable, Zentyal will be able to completely take over a Windows domain controller.

Zentyal is SBS server based on Ubuntu LTS Server. Currently based on Lucid (10.04)

[Bruce98]

Hi Bruce,

I wish I could sell the package, but since it is opensource, I can't
You can download the package at zentyal.org
The forums overthere provide a lot of knowhow and help.
I do support the zentyal packages. As it stands now zentyal can perfectly act inside a W2k3 AD environment as a slave server. As mentioned, as soon Samba4 is stable, Zentyal will be able to completely take over a Windows domain controller.

Zentyal is SBS server based on Ubuntu LTS Server. Currently based on Lucid (10.04)

Thanks again. So until Samba 4 is released we're still going to have to use a Windows DC, and then move to Linux at which point it will fulfill the capabilities of a Windows DC?

Your help is greatly appreciated Rob.

[khildin]

Exactly. Untill then you can still have a linux domain controller, but it has to act as a slave (like the former NT4 BDC)

[Bruce98]

Exactly. Untill then you can still have a linux domain controller, but it has to act as a slave (like the former NT4 BDC)

The help is greatly appreciated. With the current stable version of Samba, are Active Directory and other functions such as DDNS as found in Server 2008R2 supported when acting as a slave? Or again is it a matter of waiting for a stable release of Samba 4?


Thanks,

Bruce

[khildin]

I'm not sure what you exactly mean with DDNS in W2k8R2. Is it the automatic registering of DNS records on the local LAN (ip addresses issued by DHCP) or making use of a service like DynDNS? I don't know if Zentyal does register clients in DNS. I barely use Windows servers/clients.
Have a look at an explanation of the differences here: ht tp://w ww.petri.co.il/forums/showthread.php?t=31983

The DynDNS service is implemented in Zentyal, with their own DDNS cloudsolution. However, DNSpark.c om, Joker.c om, ZoneEdit, DynDNS and EasyDNS are supported aswell.